BIT-NODE-MIN-2026-21717

A flaw in V8's string hashing mechanism causes integer-like strings to be hashed to their numeric value, making hash collisions trivially predictable. By crafting a request that causes many such collisions in V8's internal string table, an attacker can significantly degrade performance of the...

BIT-NODE-2026-21717

A flaw in V8's string hashing mechanism causes integer-like strings to be hashed to their numeric value, making hash collisions trivially predictable. By crafting a request that causes many such collisions in V8's internal string table, an attacker can significantly degrade performance of the...

Qualcomm Chipsets 安全漏洞

Qualcomm Chipsets are a series of chipset developed by Qualcomm Incorporation. There is a security vulnerability in Qualcomm Chipsets, which stems from integer overflows during the generation of proof reports, leading to failed buffer copy operations and potentially causing memory corruption...

Linux Distros Unpatched Vulnerability : CVE-2026-34588

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. From 3.1.0 to...

PT-2026-30635

Memory corruption when buffer copy operation fails due to integer overflow during attestation report generation...

OpenEXR 安全漏洞

OpenEXR is an open standard for high dynamic range image file formats, open-sourced by the Academy Software Foundation. Versions of OpenEXR from 3.4.0 to 3.4.9 contained security vulnerabilities. These vulnerabilities stemmed from the lack of boundary checks on the dataWindow property, which coul...

OpenEXR 缓冲区错误漏洞

OpenEXR is an open standard for high dynamic range image file formats, open-sourced by the Academy Software Foundation. Versions of OpenEXR prior to 3.1.0 and 3.2.7, as well as versions prior to 3.3.9 and 3.4.9, contain a buffer error vulnerability. This vulnerability stems from integer overflows...

Linux Distros Unpatched Vulnerability : CVE-2026-34378

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. From 3.4.0 to...

PT-2026-30659

Name of the Vulnerable Software and Affected Versions OpenEXR versions 3.2.0 through 3.2.6, 3.3.9, and 3.4.9 Description A signed integer overflow exists in the undo pxr24 impl function within the OpenEXR library. The expression uint64 tw 3 calculates w 3 as a signed 32-bit integer before...

OpenEXR 缓冲区错误漏洞

OpenEXR is an open standard for high dynamic range image file formats, open-sourced by the Academy Software Foundation. Versions of OpenEXR prior to 3.2.0, 3.3.9, and 3.4.9 contained a buffer error vulnerability. This vulnerability stems from integer overflows, which could lead to bypassing...

PT-2026-30657

OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. From 3.4.0 to before 3.4.9, a missing bounds check on the dataWindow attribute in EXR file headers allows an attacker to trigger a signed integer overfl...

rdiscount has an Out-of-bounds Read

Summary A signed length truncation bug causes an out-of-bounds read in the default Markdown parse path. Inputs larger than INTMAX are truncated to a signed int before entering the native parser, allowing the parser to read past the end of the supplied buffer and crash the process. Details In both...

openSUSE 16 Security Update : chromium (openSUSE-SU-2026:20460-1)

The remote openSUSE 16 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2026:20460-1 advisory. Changes in chromium: - Chromium 146.0.7680.177 boo1261249 CVE-2026-5273: Use after free in CSS CVE-2026-5272: Heap buffer overflow in GPU...

SUSE CVE-2026-3308

An integer overflow vulnerability in 'pdf-image.c' in Artifex's MuPDF version 1.27.0 allows an attacker to maliciously craft a PDF that can trigger an integer overflow within the 'pdfloadimageimp' function. This allows a heap out-of-bounds write that could be exploited for arbitrary code executio...

CVE-2026-5476

A vulnerability was identified in NASA cFS up to 7.0.0 on 32-bit. Affected is the function CFETBLValidateCodecLoadSize of the file cfe/modules/tbl/fsw/src/cfetblpassthrucodec.c. The manipulation leads to integer overflow. The complexity of an attack is rather high. The exploitability is told to b...

openSUSE 16 Security Update : tinyproxy (openSUSE-SU-2026:20456-1)

The remote openSUSE 16 host has a package installed that is affected by a vulnerability as referenced in the openSUSE- SU-2026:20456-1 advisory. Changes in tinyproxy: - CVE-2026-3945: Fixed denial of service by unauthenticated remote attacker boo1261024 - Update to release 1.11.3 conf: add...

CVE-2025-43238

An integer overflow was addressed with improved input validation. This issue is fixed in macOS Sequoia 15.6, macOS Sonoma 14.7.7, macOS Ventura 13.7.7. An app may be able to cause unexpected system termination...

OpenEXR: integer overflow to OOB write in uncompress_b44_impl()

Summary The B44/B44A decoder in OpenEXR reconstructs row pointers into a scratch buffer using int. When the channel width nx is large enough, the product y nx overflows int, causing the row pointer to wrap before the start of the scratch buffer. Subsequent memcpy calls then write decoded pixel...

GHSA-H762-RHV3-H25V OpenEXR: integer overflow to OOB write in uncompress_b44_impl()

Summary The B44/B44A decoder in OpenEXR reconstructs row pointers into a scratch buffer using int. When the channel width nx is large enough, the product y nx overflows int, causing the row pointer to wrap before the start of the scratch buffer. Subsequent memcpy calls then write decoded pixel...

CVE-2026-23457

A flaw was found in the Linux kernel's netfilter subsystem, specifically within the nfconntracksip module. This vulnerability arises from an integer truncation error when processing the Content-Length header in Session Initiation Protocol SIP messages. On 64-bit systems, large Content-Length valu...